• Conduct risk assessments of vendors and third-party partners. • Evaluate security controls implemented by third parties and identify potential vulnerabilities. • Ensure adherence to corporate information security and risk management policies. • Identify, document and track mitigation plans for identified risks. • Collaborate with the GRC team in managing information security risks. • Review evidence, certifications and compliance attestations from vendors. • Assess alignment with industry frameworks and best practices, including NIST. • Support the implementation and monitoring of security controls. • Participate in contract reviews between the company and vendors, ensuring information security requirements are included and followed. • Work closely with Legal and Procurement teams to mitigate contractual risks related to security. • Prepare executive reports and technical opinions on identified risks. • Present assessment results to business areas, managers and stakeholders. • Support risk-based decision making by providing mitigation recommendations. • Assist with concurrent investigations of security incidents. • Contribute to threat and vulnerability monitoring activities. • Produce incident reports and support senior teams in the analysis and remediation of occurrences.

• Incident Management: Lead the incident response lifecycle (preparation, identification, containment, eradication, and recovery). • Forensic Analysis: Perform digital forensics on hosts (Windows/Linux/iOS/Android), memory, networks, and cloud environments to identify the root cause of compromises. • Advanced Monitoring: Work together with the SOC/Support team to triage high-complexity alerts in XDR/SIEM and NDR tools. • Threat Hunting: Conduct proactive searches for threats that may have bypassed existing security controls. • Documentation and Reporting: Produce detailed technical reports and forensic findings to support executive decision-making and regulatory compliance (Bacen/LGPD). • Continuous Improvement: Recommend adjustments to detection rules and security policies based on the tactics (TTPs) observed during investigations.

• Monitor and analyze security events utilizing Splunk Enterprise Security (ES). • Build, maintain, and tune Splunk searches, correlation rules, alerts, and dashboards. • Conduct incident response activities from detection through containment, eradication, recovery, and closure. • Investigate endpoint security incidents utilizing Microsoft Defender for Endpoint. • Perform endpoint policy management and incident investigations. • Assess AWS cloud security telemetry utilizing GuardDuty, Security Hub, and related cloud security services. • Identify threats, vulnerabilities, suspicious activity, and cloud misconfigurations. • Execute alert triage, incident scoping, and escalation activities according to established playbooks. • Recommend updates and improvements to operational procedures and incident response playbooks. • Support threat hunting activities and detection engineering initiatives aligned to MITRE ATT&CK methodologies. • Perform phishing investigations, alert enrichment, and forensic review activities. • Conduct root cause analysis and document corrective actions following security incidents. • Track incidents and operational tasks utilizing case management systems. • Participate in tabletop exercises and operational readiness activities. • Collaborate with Security Operations teams, Incident Response personnel, and federal stakeholders. • Prepare reports and communicate findings to technical and non-technical audiences. • Perform other job-related duties as assigned.

Role Description The Senior Forensic Examiner is responsible for performing advanced forensic scoping, forensic consultation, forensic collection, forensic analysis, forensic reporting, and expert testimony. They are responsible for determining the most defensible method of collection and troubleshooting any data issues that may arise. They are also responsible for the more intricate and new data source collections and analysis. What You'll Do - Forensic Collections and Investigations: - Conducts forensic collections of digital evidence using best practices and approved software and hardware. - Acquires electronic data from cloud sources, computers, mobile devices, and other digital media in a forensically sound manner. - Consults with customers to conduct forensic collections, perform exports and reporting, and conduct investigations. - Forensic Reporting: - Creates summary reports, forensic artifact reports, and formal forensic expert reports when requested by the client. - Maintains contemporaneous forensic examination notes. - Expert Testimony (Written/Oral): - Provides expert testimony regarding investigative forensic findings. - Technical Consultancy and Support: - Serves as a technical consultant on data management and digital forensic methodology and concepts. - Provides technical guidance and assistance to staff involved in the investigation and litigation process to prevent evidence spoliation. - Quality Assurance and Legal Support: - Ensures all hardware and software are verified and validated according to established guidelines and the Federal Rules of Evidence. - Drafts affidavits, declarations, expert reports, and provides oral testimony in defense of forensic findings or processes. Qualifications - 9+ years of progressive technical experience demonstrating relevant skills in digital forensic collections and investigations. - Hands-on experience with digital forensic tools such as MetaSpike Forensic Email Collector (FEC), X-Ways, AccessData Forensic ToolKit (FTK), OpenText EnCase, Cellebrite UFED/PA, Cellebrite Digital Collector, Cellebrite Inspector, Magnet Forensics Axiom Cyber, Paraben E3, Fookes Aid4Mail, and GetData Forensic Explorer (FEX). - Experience with the chain of custody and evidence handling best practices. - Strong understanding and knowledge of disk structures, file systems, and forensic artifacts for modern operating systems for Windows and Apple computers. - Strong understanding, knowledge and experience of Microsoft Purview and Google Workspace and their metadata. - Experience applying forensic investigative and litigation support principles methodologies. - Excellent documentation and communication skills with technical report writing experience. - Ability to multitask and manage multiple projects and competing priorities simultaneously. - Capability to work independently and within a team environment. Requirements - 5+ years experience within the private sector of e-Discovery, performing collections of email, cloud sources, mobile devices, workstations, servers, and structured data. - 5+ years experience performing forensic investigations and analysis. - Experience testifying in civil or criminal courts in defense of forensic investigative findings. Authorization to Work in the U.S. - Candidates must be legally authorized to work in the United States without sponsorship now or in the future. - DISCO is not currently sponsoring visas, including, but not limited to, H-1B, TN, or EAD, and we are not accepting visa transfers. Benefits - Open, inclusive, and fun environment. - Benefits, including medical, dental and vision insurance, as well as 401(k). - Competitive salary plus RSUs. - Flexible PTO. - Opportunity to be a part of a company that is revolutionizing the legal industry. - Growth opportunities throughout the company.